Payment Processing/Security

By Internet RetailerInternet Retailer

Competition heats up as shoppers pay in new ways

The recession might be officially over, but online consumers, fearful of running up new debt, continue to turn away from credit cards. They're paying in greater numbers with debit and prepaid cards and with alternative payment methods such as PayPal and the many newer payment methods seeking to compete with PayPal.

But the top credit card brands, notably Visa Inc. and MasterCard Worldwide, are moving to play a bigger role in online payments, as is search engine giant Google Inc. Further contributing to the fast pace of change in online payments is the growth of online purchases—and payments—through mobile phones.

All these factors are creating big changes in the online payments landscape, and in many cases raising new issues related to online payment security.

Related Articles

The lingering burdens of debt, enduring fears of job losses and stricter federal rules governing credit card issuance are all contributing to consumers using credit cards less. In fact, online shoppers will use credit cards for 39.4% of online payments in 2014, down from 43.5% in 2009, according to a recent report from research and consulting firm Javelin Strategy & Research. Bank-issued debit cards will see a smaller decline, to 25.6% in 2014 from 28% in 2009.

As they use such cards less, consumers will rely more on prepaid and gift cards, especially once federal rules that take effect in August limit prepaid card fees. And alternative payment methods—this includes PayPal, which has 81 million global users and dominates the space—will account for 19.2% of online purchases in 2014, up from 15.9% in 2009, Javelin predicts.

Credit rebound

However, credit cards will regain popularity with online shoppers as the economy improves, says Jason Pavona, executive vice president, sales and marketing, at Litle & Co., which specializes in processing payments for online and catalog merchants. But that may not be evident right away. "We will continue to see an increased usage of debit transactions through 2010 until the economy starts a full recovery," he says.

Until that happens, alternatives might enjoy at least a narrow window to gain online consumers. But it will be difficult, Pavona says, to dislodge PayPal, which enables shoppers to make payments via funds stored in an account or through payment cards registered with the processing service. PayPal since 2008 also has owned Bill Me Later, which offers consumers 90 days before they have to pay, or similar extended-payment terms. PayPal itself is owned by online auction company eBay Inc.

"PayPal and Bill Me Later is the 800-pound gorilla and has established a clear beachhead that is very difficult to penetrate," Pavona says. "There will continue to be alternative payment brands that are demographically focused—for example, online game merchants that are targeting teens or the unbanked."

Besides PayPal, alternative payment providers will find themselves increasingly competing against the big payment card brands, which are trying to offer new services that could gain them a larger share of online payments. For instance, Visa this year started to enroll consumers into the card network's Rightcliq service that online shoppers can use to store payment card and shipping information, and to comparison shop and track deliveries.

Also this year, MasterCard created MasterCard Labs, a research and development unit meant to bring to market new payment offerings, including those aimed at online consumers. MasterCard appointed Garry Lyons to head the unit. Lyons was CEO of Orbiscom, a payment technology vendor that offered a single-use virtual card that online shoppers could use instead of providing their credit card numbers online.

Another closely watched part of the payments landscape is what's going on at Google Inc., which this year hired Stephanie Tilenius as the search engine giant's new vice president of e-commerce. Tilenius was a nine-year veteran of eBay and had experience at PayPal. The hiring raised questions about what Google intends to do with its Google Checkout online payment processing unit.

Online retailers have wondered about the level of commitment Google has to its processing service, especially after the search engine discontinued the discounts it gave to merchants for using Google Checkout. "We have a lot of work ahead of us to figure out the future of Checkout," Tilenius said in June at the Internet Retailer Conference & Exhibition.

Mobile and security

Tilenius also said that Google is betting consumers in the future will access the web more often through mobile devices than through personal computers. Whether that proves to be true or not, the rapid growth in mobile commerce has analysts and payments professionals thinking about how to capture and secure mobile transactions.

Carl Clump, CEO of fraud-protection company Retail Decisions Inc., says some of his firm's increasingly important customers include mobile networks seeking fraud-prevention technology. "With more mobile transactions, we can expect to see increasing levels of fraud," he says.

That said, more merchants are taking a proactive approach to transaction security than a reactive one, says Thuy Ha, director of product management for Qwest Communications International Inc., which sells hardware and software to help retailers comply with payment security rules. That includes compliance with the Payment Card Industry Data Security Standard, designed to protect consumers' payment card account data.

She says merchants are spending more money on ongoing vigilance to protect transactions than on the initial security assessments. The vigilance enables merchants to advertise that their sites are secure, still an important consideration for consumers even as the popularity of online shopping continues to increase.

One way merchants try to earn consumer trust is by displaying digital certificates from VeriSign Inc., which is selling its identity and authentication business to Symantec Corp., the maker of Norton security products for computers.

VeriSign does at least two billion web site security checks every day, with more than 90,000 web sites in 160 countries displaying its certification checkmark symbol. The certification assures consumers they are entering a legitimate site, not one set up by criminals bent on fraud. A spokesperson for VeriSign says the company hopes to spread use of its certification services to businesses such as doctors' offices.